Skip to content

Add TSIG key support for OpenStack DNS v2 API#3623

Merged
mandre merged 1 commit intogophercloud:mainfrom
omersch381:add_tsigkey_support
Feb 18, 2026
Merged

Add TSIG key support for OpenStack DNS v2 API#3623
mandre merged 1 commit intogophercloud:mainfrom
omersch381:add_tsigkey_support

Conversation

@omersch381
Copy link
Copy Markdown
Contributor

@omersch381 omersch381 commented Jan 30, 2026

Implement TSIG (Transaction SIGnature) key management for the Designate DNS service, enabling authentication of DNS transactions between servers for zone transfers and dynamic updates.

Fixes #3622

Links to the line numbers/files in the OpenStack source code that support the
code in this PR:

API Controller (REST endpoints):
https://github.com/openstack/designate/blob/master/designate/api/v2/controllers/tsigkeys.py

Service Implementation (CRUD methods): https://github.com/openstack/designate/blob/master/designate/central/service.py#L618-L670

TSIG Key Object Definition:
https://github.com/openstack/designate/blob/master/designate/objects/tsigkey.py

Python Client Reference:
https://github.com/openstack/python-designateclient/blob/master/designateclient/v2/tsigkeys.py

@github-actions github-actions bot added edit:dns This PR updates dns code semver:minor Backwards-compatible change backport-v2 This PR will be backported to v2 labels Jan 30, 2026
@coveralls
Copy link
Copy Markdown

coveralls commented Feb 10, 2026
edited
Loading

Coverage Status

coverage: 63.852% (-0.01%) from 63.865%
when pulling 53881b9 on omersch381:add_tsigkey_support
into 511d6f6 on gophercloud:main.

mandre
mandre reviewed Feb 12, 2026
View reviewed changes
@mandre
Copy link
Copy Markdown
Contributor

mandre commented Feb 12, 2026

Apart from the the missing required ResourceID, this looks good. We can merge once this passes CI.

@omersch381
Copy link
Copy Markdown
Contributor Author

omersch381 commented Feb 16, 2026

I have switched it to be required:"true"

@mandre
Copy link
Copy Markdown
Contributor

mandre commented Feb 16, 2026

You'll need to update the acceptance tests too.

@omersch381
Add TSIG key support for OpenStack DNS v2 API
53881b9 
Implement TSIG (Transaction SIGnature) key management for the
Designate DNS service, enabling authentication of DNS transactions
between servers for zone transfers and dynamic updates.

Fixes gophercloud#3622

Signed-off-by: Omer <omersch381@gmail.com>
@omersch381
Copy link
Copy Markdown
Contributor Author

omersch381 commented Feb 18, 2026

While investigating the acceptance tests, I tested TSIG key creation on my devstack machine and I saw that creating TSIG keys with POOL scope requires admin privileges. I hope I added those in the correct place. Thanks for the comment.

@mandre mandre enabled auto-merge February 18, 2026 16:23
@mandre mandre added this pull request to the merge queue Feb 18, 2026
Merged via the queue into gophercloud:main with commit 165a4ed Feb 18, 2026
62 checks passed
@gophercloud-backport-bot gophercloud-backport-bot bot mentioned this pull request Feb 18, 2026
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mandre mandre mandre approved these changes

Assignees

No one assigned

Labels

backport-v2 This PR will be backported to v2 edit:dns This PR updates dns code semver:minor Backwards-compatible change

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Designate: Add TSIG key support

3 participants

@omersch381 @coveralls @mandre